
Example 1 with ClientsResource

use of org.keycloak.admin.client.resource.ClientsResource in project openremote by openremote.

the class ManagerKeycloakIdentityProvider method updateRoles.

/**
 * Applies a set of client-role changes to one user in the given realm.
 *
 * <p>Each entry of {@code roles} is turned into a {@link RoleRepresentation}
 * carrying only the id and name supplied by the caller. Entries with
 * {@code isAssigned() == true} are added to the user's client-level role
 * mappings for the {@code KEYCLOAK_CLIENT_ID} client; all others are removed.
 *
 * <p>NOTE(review): the ids and names in {@code roles} are forwarded as given;
 * nothing in this method checks that they belong to the
 * {@code KEYCLOAK_CLIENT_ID} client or that the caller may grant them.
 * Presumably the admin API call is authorized with the credentials carried by
 * {@code clientRequestInfo}; confirm that, and that the calling endpoint
 * restricts who may change role mappings.
 *
 * <p>NOTE(review): no audit record of the grant/revoke is written here;
 * confirm that role changes are logged elsewhere.
 *
 * @param clientRequestInfo request context passed to {@code getRealms}
 * @param realm             realm that holds the user and the client
 * @param userId            id of the user whose mappings are changed
 * @param roles             desired state per role; {@code isAssigned()} selects add or remove
 * @throws IndexOutOfBoundsException if no client matches {@code KEYCLOAK_CLIENT_ID} in the realm
 */
@Override
public void updateRoles(ClientRequestInfo clientRequestInfo, String realm, String userId, Role[] roles) {
    RoleMappingResource userRoleMappings = getRealms(clientRequestInfo).realm(realm).users().get(userId).roles();
    ClientsResource realmClients = getRealms(clientRequestInfo).realm(realm).clients();
    // get(0) assumes the lookup returned at least one client; an empty result fails here.
    String clientObjectId = realmClients.findByClientId(KEYCLOAK_CLIENT_ID).get(0).getId();

    List<RoleRepresentation> toGrant = new ArrayList<>();
    List<RoleRepresentation> toRevoke = new ArrayList<>();
    for (Role requested : roles) {
        RoleRepresentation representation = new RoleRepresentation();
        representation.setId(requested.getId());
        representation.setName(requested.getName());
        // The assigned flag alone decides whether this entry is a grant or a revocation.
        (requested.isAssigned() ? toGrant : toRevoke).add(representation);
    }

    // Grants are sent before revocations, as two separate calls. If the second
    // call throws, the grants stay applied while the revocations do not.
    userRoleMappings.clientLevel(clientObjectId).add(toGrant);
    userRoleMappings.clientLevel(clientObjectId).remove(toRevoke);
}
Also used : ClientsResource(org.keycloak.admin.client.resource.ClientsResource) ArrayList(java.util.ArrayList) RoleMappingResource(org.keycloak.admin.client.resource.RoleMappingResource)

Example 2 with ClientsResource

use of org.keycloak.admin.client.resource.ClientsResource in project openremote by openremote.

the class ManagerKeycloakIdentityProvider method createClientApplication.

/**
 * Registers the {@code KEYCLOAK_CLIENT_ID} client ("OpenRemote") in the given
 * realm and adds the default roles to it.
 *
 * <p>The client definition is built by the overloaded
 * {@code createClientApplication(realm, clientId, name, devMode)}, submitted,
 * then looked up again by client id so that the stored object id can be used
 * to reach its roles resource.
 *
 * <p>NOTE(review): the result of {@code create(...)} is ignored. If creation
 * did not succeed (for instance because a client with this id already exists;
 * to be confirmed), the lookup below would presumably return the existing
 * client and the default roles would be added to it instead.
 *
 * <p>NOTE(review): what {@code devMode} changes in the client definition is
 * not visible here; review which settings it relaxes before enabling it
 * outside development.
 *
 * @param clientRequestInfo request context passed to {@code getRealms}
 * @param realm             realm in which the client is created
 * @throws IndexOutOfBoundsException if the lookup after creation returns no client
 */
public void createClientApplication(ClientRequestInfo clientRequestInfo, String realm) {
    ClientsResource realmClients = getRealms(clientRequestInfo).realm(realm).clients();
    ClientRepresentation definition = createClientApplication(realm, KEYCLOAK_CLIENT_ID, "OpenRemote", devMode);
    realmClients.create(definition);
    // Re-read the client so the stored object id is available.
    ClientRepresentation stored = realmClients.findByClientId(definition.getClientId()).get(0);
    addDefaultRoles(realmClients.get(stored.getId()).roles());
}
Also used : ClientsResource(org.keycloak.admin.client.resource.ClientsResource) ClientResource(org.keycloak.admin.client.resource.ClientResource)

Example 3 with ClientsResource

use of org.keycloak.admin.client.resource.ClientsResource in project openremote by openremote.

the class ManagerKeycloakIdentityProvider method getRoles.

/**
 * Lists every role defined on the {@code KEYCLOAK_CLIENT_ID} client and marks
 * which of them the given user holds.
 *
 * <p>A role is reported as assigned when its id appears in the result of
 * {@code listEffective()} for the user's client-level mappings.
 *
 * <p>NOTE(review): in Keycloak's admin API, effective mappings presumably
 * include roles inherited through composite roles, not only direct mappings.
 * If so, a role shown as assigned here may not be removable by deleting a
 * direct mapping; confirm how callers present and edit this flag.
 *
 * @param clientRequestInfo request context passed to {@code getRealms}
 * @param realm             realm that holds the user and the client
 * @param userId            id of the user whose roles are read
 * @return one {@code Role} per role defined on the client, in listing order
 * @throws IndexOutOfBoundsException if no client matches {@code KEYCLOAK_CLIENT_ID} in the realm
 */
@Override
public Role[] getRoles(ClientRequestInfo clientRequestInfo, String realm, String userId) {
    RoleMappingResource userRoleMappings = getRealms(clientRequestInfo).realm(realm).users().get(userId).roles();
    ClientsResource realmClients = getRealms(clientRequestInfo).realm(realm).clients();
    // get(0) assumes the lookup returned at least one client; an empty result fails here.
    String clientObjectId = realmClients.findByClientId(KEYCLOAK_CLIENT_ID).get(0).getId();

    List<RoleRepresentation> definedRoles = realmClients.get(clientObjectId).roles().list();
    List<RoleRepresentation> grantedRoles = userRoleMappings.clientLevel(clientObjectId).listEffective();

    Role[] result = new Role[definedRoles.size()];
    int next = 0;
    for (RoleRepresentation defined : definedRoles) {
        boolean assigned = false;
        // Every effective role is compared; ids are matched, names are not.
        for (RoleRepresentation granted : grantedRoles) {
            assigned |= granted.getId().equals(defined.getId());
        }
        result[next++] = new Role(defined.getId(), defined.getName(), defined.isComposite(), assigned);
    }
    return result;
}
Also used : ClientsResource(org.keycloak.admin.client.resource.ClientsResource) ArrayList(java.util.ArrayList) RolesResource(org.keycloak.admin.client.resource.RolesResource) RoleMappingResource(org.keycloak.admin.client.resource.RoleMappingResource)

Example 4 with ClientsResource

use of org.keycloak.admin.client.resource.ClientsResource in project openremote by openremote.

the class KeycloakDemoSetup method onStart.

/**
 * Seeds demo data in Keycloak: two tenants ("customerA", "customerB") and
 * three users with fixed credentials and client roles.
 *
 * <p>Credentials created here are fixed: each user's password equals the
 * username, is marked non-temporary (no forced change at first login), and is
 * written to the log at INFO level.
 *
 * <p>NOTE(review): {@code testuser1} is created through
 * {@code masterUsersResource}, presumably the master realm, and receives
 * write roles. Confirm this setup is only ever run for demo or development
 * deployments.
 *
 * @throws Exception if the superclass start or any provider call fails
 */
@Override
public void onStart() throws Exception {
    super.onStart();

    // Tenants
    masterTenant = identityService.getIdentityProvider().getTenantForRealm(Constants.MASTER_REALM);

    Tenant tenantA = new Tenant();
    tenantA.setRealm("customerA");
    tenantA.setDisplayName("Customer A");
    tenantA.setEnabled(true);
    keycloakProvider.createTenant(new ClientRequestInfo(null, accessToken), tenantA, emailConfig);
    customerATenant = keycloakProvider.getTenantForRealm(tenantA.getRealm());

    Tenant tenantB = new Tenant();
    tenantB.setRealm("customerB");
    tenantB.setDisplayName("Customer B");
    tenantB.setEnabled(true);
    keycloakProvider.createTenant(new ClientRequestInfo(null, accessToken), tenantB, emailConfig);
    customerBTenant = keycloakProvider.getTenantForRealm(tenantB.getRealm());

    // Users
    String masterClientId = getClientObjectId(masterClientsResource);
    RolesResource masterRoles = masterClientsResource.get(masterClientId).roles();

    // testuser1: created via masterUsersResource with read and write roles.
    UserRepresentation firstUser = new UserRepresentation();
    firstUser.setUsername("testuser1");
    firstUser.setFirstName("Testuserfirst");
    firstUser.setLastName("Testuserlast");
    firstUser.setEnabled(true);
    masterUsersResource.create(firstUser);
    // Re-read the user to obtain the stored id; get(0) assumes the search matched.
    firstUser = masterUsersResource.search("testuser1", null, null, null, null, null).get(0);
    String firstUserId = firstUser.getId();
    this.testuser1Id = firstUserId;
    CredentialRepresentation firstUserPassword = new CredentialRepresentation();
    firstUserPassword.setType("password");
    // Password equals the username and is not temporary.
    firstUserPassword.setValue("testuser1");
    firstUserPassword.setTemporary(false);
    masterUsersResource.get(firstUserId).resetPassword(firstUserPassword);
    masterUsersResource.get(firstUserId).roles().clientLevel(masterClientId).add(Arrays.asList(
        masterRoles.get(ClientRole.WRITE_USER.getValue()).toRepresentation(),
        masterRoles.get(ClientRole.READ_MAP.getValue()).toRepresentation(),
        masterRoles.get(ClientRole.READ_ASSETS.getValue()).toRepresentation(),
        masterRoles.get(ClientRole.READ_RULES.getValue()).toRepresentation(),
        masterRoles.get(ClientRole.WRITE_ASSETS.getValue()).toRepresentation(),
        masterRoles.get(ClientRole.WRITE_RULES.getValue()).toRepresentation()));
    // The clear-text password goes to the log at INFO level.
    LOG.info("Added demo user '" + firstUser.getUsername() + "' with password '" + firstUserPassword.getValue() + "'");

    UsersResource tenantAUsers = keycloakProvider.getRealms(accessToken).realm("customerA").users();
    ClientsResource tenantAClients = keycloakProvider.getRealms(accessToken).realm("customerA").clients();
    String tenantAClientId = getClientObjectId(tenantAClients);
    RolesResource tenantARoles = tenantAClients.get(tenantAClientId).roles();

    // testuser2: customerA user with WRITE_USER plus read-only map and asset roles.
    UserRepresentation secondUser = new UserRepresentation();
    secondUser.setUsername("testuser2");
    secondUser.setFirstName("Testuserfirst");
    secondUser.setLastName("Testuserlast");
    secondUser.setEnabled(true);
    tenantAUsers.create(secondUser);
    secondUser = tenantAUsers.search("testuser2", null, null, null, null, null).get(0);
    String secondUserId = secondUser.getId();
    this.testuser2Id = secondUserId;
    CredentialRepresentation secondUserPassword = new CredentialRepresentation();
    secondUserPassword.setType("password");
    secondUserPassword.setValue("testuser2");
    secondUserPassword.setTemporary(false);
    tenantAUsers.get(secondUserId).resetPassword(secondUserPassword);
    tenantAUsers.get(secondUserId).roles().clientLevel(tenantAClientId).add(Arrays.asList(
        tenantARoles.get(ClientRole.WRITE_USER.getValue()).toRepresentation(),
        tenantARoles.get(ClientRole.READ_MAP.getValue()).toRepresentation(),
        tenantARoles.get(ClientRole.READ_ASSETS.getValue()).toRepresentation()));
    LOG.info("Added demo user '" + secondUser.getUsername() + "' with password '" + secondUserPassword.getValue() + "'");

    // testuser3: customerA user with read and write roles.
    UserRepresentation thirdUser = new UserRepresentation();
    thirdUser.setUsername("testuser3");
    thirdUser.setFirstName("Testuserfirst");
    thirdUser.setLastName("Testuserlast");
    thirdUser.setEnabled(true);
    tenantAUsers.create(thirdUser);
    thirdUser = tenantAUsers.search("testuser3", null, null, null, null, null).get(0);
    String thirdUserId = thirdUser.getId();
    this.testuser3Id = thirdUserId;
    CredentialRepresentation thirdUserPassword = new CredentialRepresentation();
    thirdUserPassword.setType("password");
    thirdUserPassword.setValue("testuser3");
    thirdUserPassword.setTemporary(false);
    tenantAUsers.get(thirdUserId).resetPassword(thirdUserPassword);
    tenantAUsers.get(thirdUserId).roles().clientLevel(tenantAClientId).add(Arrays.asList(
        tenantARoles.get(ClientRole.WRITE_USER.getValue()).toRepresentation(),
        tenantARoles.get(ClientRole.READ_MAP.getValue()).toRepresentation(),
        tenantARoles.get(ClientRole.READ_ASSETS.getValue()).toRepresentation(),
        tenantARoles.get(ClientRole.WRITE_RULES.getValue()).toRepresentation(),
        tenantARoles.get(ClientRole.WRITE_ASSETS.getValue()).toRepresentation(),
        tenantARoles.get(ClientRole.READ_RULES.getValue()).toRepresentation()));
    LOG.info("Added demo user '" + thirdUser.getUsername() + "' with password '" + thirdUserPassword.getValue() + "'");
}
Also used : CredentialRepresentation(org.keycloak.representations.idm.CredentialRepresentation) Tenant(org.openremote.model.security.Tenant) UsersResource(org.keycloak.admin.client.resource.UsersResource) ClientsResource(org.keycloak.admin.client.resource.ClientsResource) ClientRequestInfo(org.openremote.container.web.ClientRequestInfo) RolesResource(org.keycloak.admin.client.resource.RolesResource) UserRepresentation(org.keycloak.representations.idm.UserRepresentation)
